forked from Linaro/works-on-woa
-
Notifications
You must be signed in to change notification settings - Fork 0
112 lines (102 loc) · 3.93 KB
/
push.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
on:
push:
branches: ["main", "staging"]
workflow_dispatch:
# Cancel in-progress jobs or runs for the current workflow
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
NODE_VERSION: "20.x"
permissions:
contents: read
jobs:
pre-build:
runs-on: ubuntu-latest
outputs:
env_name: ${{ steps.set_env.outputs.env_name }}
steps:
- name: Set environment name
id: set_env
run: |
if [[ "${{ github.ref_name }}" == "staging" ]]; then
echo "env_name=Development" >> $GITHUB_OUTPUT
fi
if [[ "${{ github.ref_name }}" == "main" ]]; then
echo "env_name=Production" >> $GITHUB_OUTPUT
fi
build:
needs: [pre-build]
runs-on: ubuntu-latest
environment:
name: ${{ needs.pre-build.outputs.env_name }}
steps:
- uses: actions/[email protected]
with:
fetch-depth: "0"
- name: Set up Node.js
uses: actions/[email protected]
with:
node-version: ${{ env.NODE_VERSION }}
cache: "npm"
- name: Install Lambda dependencies
run: |
npm install
working-directory: aws-lambdas
- name: Structure Lambda AppForm
run: |
mkdir -p AppForm
shopt -s extglob
cp -r !(AppForm|GameForm) AppForm/
working-directory: aws-lambdas
- name: Structure Lambda GameForm
run: |
mkdir -p GameForm
shopt -s extglob
cp -r !(AppForm|GameForm) GameForm/
working-directory: aws-lambdas
- name: Build and deploy
env:
GITHUB_APP_ID: ${{ vars.GH_APP_ID }}
GITHUB_APP_INSTALLATION_ID: ${{ vars.GH_APP_INSTALLATION_ID }}
GITHUB_APP_PK_BASE64: ${{ secrets.GH_APP_PK_BASE64 }}
GITHUB_BASE_BRANCH: ${{ vars.GH_BASE_BRANCH }}
GITHUB_OWNER: ${{ vars.GH_OWNER }}
GITHUB_REPO: ${{ vars.GH_REPO }}
RECAPTCHA_V2_VERIFY_URL: ${{ vars.RECAPTCHA_V2_VERIFY_URL }}
RECAPTCHA_V2_SECRET_KEY: ${{ secrets.RECAPTCHA_V2_SECRET_KEY }}
PUBLIC_API_HOST: ${{ vars.PUBLIC_API_HOST }}
PUBLIC_APPLICATION_API_ENDPOINT: ${{ vars.PUBLIC_APPLICATION_API_ENDPOINT }}
PUBLIC_GAME_API_ENDPOINT: ${{ vars.PUBLIC_GAME_API_ENDPOINT }}
run: |
# Set up the environment variables
export NODE_OPTIONS=--experimental-wasm-modules
export AUTH_SECRET=${{ secrets.AUTH_SECRET }}
export AUTH0_CLIENT_ID=${{ secrets.AUTH0_CLIENT_ID }}
export AUTH0_CLIENT_SECRET=${{ secrets.AUTH0_CLIENT_SECRET }}
export AUTH_TRUST_HOST=${{ vars.AUTH_TRUST_HOST }}
export AUTH0_ISSUER_BASE=${{ vars.AUTH0_ISSUER_BASE }}
export AUTH_API_URL=${{ vars.AUTH_API_URL }}
export SPIRE_WEBSITES_ID=${{ vars.SPIRE_WEBSITES_ID }}
export PUBLIC_KEY_URL=${{ vars.PUBLIC_KEY_URL }}
export CUSTOM_DOMAIN=${{ vars.CUSTOM_DOMAIN }}
export HOSTED_ZONE=${{ vars.HOSTED_ZONE }}
export IS_PUBLIC=${{ vars.IS_PUBLIC }}
# Set up yarn
yarn install
# Set up AWS CLI & credentials
sudo apt update && sudo apt upgrade -y && sudo apt install -y pipx
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install --update
cp -R .aws ~/
pipx run pipenv install
$(pipx run pipenv run python ./get_aws_creds.py -i ${{ secrets.VAULT_ROLE_ID }} -s ${{ secrets.VAULT_SECRET_ID }} -r ${{ secrets.VAULT_ROLE }} 2>&1 | tee /dev/stderr)
# Build & deploy
if [[ "${{ github.ref_name }}" == "staging" ]]; then
export STAGE="dev"
fi
if [[ "${{ github.ref_name }}" == "main" ]]; then
export STAGE="main"
fi
yarn sst deploy --stage $STAGE